TL;DR Introduction We investigated a ransomware incident on a Windows Server 2012 host running in an SFTP-only role. The ...

Multiple vulnerabilities in Ruckus Wireless management products could be exploited to fully compromise the managed environments.

Threat actors leverage exposed JDWP interfaces for code execution and cryptocurrency mining, with global scanning activity ...

And hence, enter NetImposter, a new tool specifically designed to automate this process, sending spoofed ARP packets, and establishing an “impossible” TCP connection. Impossible RCE in SSH ...

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices.

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated ...

Erlang/OTP SSH, a set of libraries for the Erlang programming language, carries a maximum-severity vulnerability that allows for remote code execution and is “surprisingly easy” to exploit ...

OpenSSH patches a pair of vulnerabilities. Russian threat actors are exploiting Signal’s “Linked Devices” feature. Over 12,000 GFI KerioControl firewalls remain exposed to a critical remote code ...

On July 1st, 2024, the cybersecurity community was rocked by the discovery of a critical Remote Code Execution (RCE) vulnerability in OpenSSH, aptly named regreSSHion. This revelation triggered a ...

Explore the regreSSHion vulnerability in OpenSSH, its potential impact, and best practices for securing your SSH environment against this critical RCE threat.